package com.blm.controller.common;

import com.blm.common.Result;
import com.blm.dto.LoginDTO;
import com.blm.dto.RegisterDTO;
import com.blm.entity.User;
import com.blm.service.UserService;
import com.blm.util.JwtUtil;
import com.blm.vo.LoginVO;
import com.blm.vo.UserVO;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.tags.Tag;
import io.swagger.v3.oas.annotations.parameters.RequestBody; // Import RequestBody
import io.swagger.v3.oas.annotations.responses.ApiResponse; // Import ApiResponse
import io.swagger.v3.oas.annotations.media.Content; // Import Content
import io.swagger.v3.oas.annotations.media.Schema; // Import Schema
import jakarta.validation.Valid;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.web.bind.annotation.*;

@Tag(name = "用户认证", description = "提供用户注册、登录、登出等功能")
@RestController
@RequestMapping("/api/auth")
public class AuthController {

    @Autowired
    private UserService userService;

    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired
    private JwtUtil jwtUtil;

    @Operation(summary = "用户注册", description = "根据提供的用户信息创建新用户账号")
    @ApiResponse(responseCode = "200", description = "注册成功", content = @Content(mediaType = "application/json", schema = @Schema(implementation = UserVO.class)))
    @PostMapping("/register")
    public Result<UserVO> register(@RequestBody(description = "用户注册信息", required = true, content = @Content(schema = @Schema(implementation = RegisterDTO.class))) @Valid @org.springframework.web.bind.annotation.RequestBody RegisterDTO dto) {
        UserVO userVO = userService.register(dto);
        return Result.success(userVO);
    }

    @Operation(summary = "用户登录", description = "使用用户名和密码进行登录，成功后返回Token和用户信息")
    @ApiResponse(responseCode = "200", description = "登录成功", content = @Content(mediaType = "application/json", schema = @Schema(implementation = LoginVO.class)))
    @PostMapping("/login")
    public Result<LoginVO> login(@RequestBody(description = "用户登录凭证", required = true, content = @Content(schema = @Schema(implementation = LoginDTO.class))) @org.springframework.web.bind.annotation.RequestBody LoginDTO dto) {
        authenticationManager.authenticate(
                new UsernamePasswordAuthenticationToken(dto.getUsername(), dto.getPassword())
        );
        User user = userService.findUserByUsername(dto.getUsername());
        UserDetails ud = userService.getUserDetails(user);
        String token = jwtUtil.generateToken(ud);
        UserVO userVO = new UserVO();
        BeanUtils.copyProperties(user, userVO);
        LoginVO vo = new LoginVO();
        vo.setToken(token);
        vo.setUserInfo(userVO);
        return Result.success(vo);
    }

    @Operation(summary = "用户登出", description = "用户登出系统 (对于无状态JWT，主要由客户端清除Token)")
    @ApiResponse(responseCode = "200", description = "登出成功")
    @GetMapping("/logout")
    public Result<Void> logout() {
        // In a stateless JWT setup, server-side logout might be minimal.
        // Invalidate token if using a blacklist/refresh token strategy.
        return Result.success(null);
    }
}
